Security Updates（DSA-3541-1 &DSA-3542-1 &DSA-3543-1）

The security updates of libreoffice, tomcat8, libcommons-fileupload-java, libvirt, tomcat7, wireshark, horizon, libgd2, pidgin, squid3, openssh, phpmyadmin, ntp, libgd2, php5, mariadb-10.0 and collctd.   Vulnerability Information DSA-3608-1 libreoffice — Security Updates Security database details: Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened.   DSA-3609-1 tomcat8 — Security Updates Security database details: Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections, bypass of the SecurityManager or denial of service. …Read more

The security updates of wireshark, atheme-services, libgd2 and symfony.   Vulnerability Information DSA-3585-1 wireshark — security update Security database details: Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP which could result in denial of service.   DSA-3586-1 atheme-services — security update Security database details: It was discovered that a buffer overflow in the XMLRPC response encoding code of the Atheme IRC services may result in denial of service.   DSA-3587-1 libgd2 — security update Security database details: Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker …Read more

The security updates of iceweasel, libtasn1-6, mercurial, ikiwiki, jansson, libidn, xerces-c and imagemagick.   Vulnerability Information DSA-3559-1 iceweasel — Security Updates Security database details: Multiple security issues have been found in Iceweasel, Debian’s version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.   DSA-3568-1 libtasn1-6 — Security Updates Security database details: CVE-2016-4008: Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to manage ASN.1 structures, does not correctly handle certain malformed DER certificates. A remote attacker can take advantage of this flaw to cause …Read more

The security updates of openssl and libpam-sshauth.   Vulnerability Information DSA-3566-1 openssl–Security Updates Security database details: CVE-2016-2105: Guido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption. CVE-2016-2106: Guido Vranken discovered that an overflow can occur in the function EVP_EncryptUpdate() if an attacker can supply a large amount of data. This could lead to a heap corruption. CVE-2016-2107: Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an …Read more

The security updates of imlib2 and libgd2.   Vulnerability Information DSA-3555-1 imlib2 –Security Updates Security database details: CVE-2011-5326 : Kevin Ryde discovered that attempting to draw a 2×1 radi ellipse results in a floating point exception. CVE-2014-9771: It was discovered that an integer overflow could lead to invalid memory reads and unreasonably large memory allocations. CVE-2016-3993: Yuriy M. Kaminskiy discovered that drawing using coordinates from an untrusted source could lead to an out-of-bound memory read, which in turn could result in an application crash. CVE-2016-3994: Jakub Wilk discovered that a malformed image could lead to an out-of-bound read in the GIF loader, which may result in …Read more

The security updates of samba, chromium-browser and openssh.   Vulnerability Information DSA-3548-1 samba— Security Update Security database details: CVE-2015-5370: Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks. CVE-2016-2110: Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks. CVE-2016-2111: When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel’s endpoint, and obtain sensitive session information. This flaw corresponds to the same …Read more

The security updates of roundcube, mercurial and oar.   Vulnerability Information DSA-3541-1 roundcube— Security Update Security database details: CVE-2015-8770: High-Tech Bridge Security Research Lab discovered that Roundcube, a webmail client, contained a path traversal vulnerability. This flaw could be exploited by an attacker to access sensitive files on the server, or even execute arbitrary code.   DSA-3542-1 mercurial— Security Update Security database details: Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-3068: Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in arbitrary …Read more